This invention relates to access control for a storage system.
JP 2000-112822 A is an example of prior art in the field of access control technique for controlling access to a logical volume in a storage system from a host computer, in particular, a data security function of a logical volume. In JP 2000-112822 A, one of three attributes, one which allows read and write both, one which inhibits write, and one which inhibits read and write both, is set to each logical volume in a storage system. A read/write command from a computer is processed based on the attribute set to the logical volume where data is to be read or written.